﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;

namespace Web.Areas.Admin.Filters
{
    public class AdminAuthFilter : FilterAttribute, IAuthorizationFilter
    {
        Manager.BLL.Admin.M_RoleModuleBll bllRM = new Manager.BLL.Admin.M_RoleModuleBll();

        public int ModuleID { get; set; }
        public string Ope { get; set; }

        public void OnAuthorization(AuthorizationContext filterContext)
        {
            string actionname = filterContext.ActionDescriptor.ActionName;
            string controller = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;

            Manager.Model.Admin.M_Admin loginAdmin=filterContext.HttpContext.Session["Administrator"] as Manager.Model.Admin.M_Admin;

            bool res = bllRM.CheckPermission(loginAdmin.RoleID.Value, ModuleID, Ope);
            if (loginAdmin.RoleID == 1)
                return;
            if (!res)
            {
                /*
                if (Ope.IndexOf("view") > -1)
                {
                    filterContext.HttpContext.Response.Write(Resources.Global.msg_nopeo);
                    filterContext.Result = new EmptyResult();
                }
                else
                {
                    filterContext.Result = new JsonResult
                    {
                        Data = new
                        {
                            success = false,
                            title = Resources.Global.msg_title_notice,
                            msg = Resources.Global.msg_nopeo
                        },
                        JsonRequestBehavior = JsonRequestBehavior.AllowGet
                    };
                }
                 * */
                filterContext.HttpContext.Response.Write(Resources.Global.msg_nopeo);
                filterContext.Result = new EmptyResult();
            }
        }
        
    }
}